A practical book that will help you defend against malicious activities
Key Features
- Learn how attackers infiltrate a network, exfiltrate sensitive data and destroy any evidence on their way out
- Learn how to choose, design and implement a cybersecurity program that best fits your needs
- Learn how to improve a cybersecurity program and accompanying cybersecurity posture by checks, balances and cyclic improvement activities
- Learn to verify, monitor and validate the cybersecurity program by active and passive cybersecurity monitoring activities
- Learn to detect malicious activities in your environment by implementing Threat Hunting exercises
Description
Modern Cybersecurity practices will take you on a journey through the realm of Cybersecurity. The book will have you observe and participate in the complete takeover of the network of Company-X, a widget making company that is about to release a revolutionary new widget that has the competition fearful and envious. The book will guide you through the process of the attack on Company-X's environment, shows how an attacker could use information and tools to infiltrate the companies network, exfiltrate sensitive data and then leave the company in disarray by leaving behind a little surprise for any users to find the next time they open their computer.
After we see how an attacker pulls off their malicious goals, the next part of the book will have your pick, design, and implement a security program that best reflects your specific situation and requirements. Along the way, we will look at a variety of methodologies, concepts, and tools that are typically used during the activities that are involved with the design, implementation, and improvement of one's cybersecurity posture.
After having implemented a fitting cybersecurity program and kickstarted the improvement of our cybersecurity posture improvement activities we then go and look at all activities, requirements, tools, and methodologies behind keeping an eye on the state of our cybersecurity posture with active and passive cybersecurity monitoring tools and activities as well as the use of threat hunting exercises to find malicious activity in our environment that typically stays under the radar of standard detection methods like firewall, IDS' and endpoint protection solutions.
What will you learn
- Explore the different methodologies, techniques, tools, and activities an attacker uses to breach a modern company's cybersecurity defenses
- Learn how to design a cybersecurity program that best fits your unique environment
- Monitor and improve one's cybersecurity posture by using active and passive security monitoring tools and activities.
- Build a Security Incident and Event Monitoring (SIEM) environment to monitor risk and incident development and handling.
- Use the SIEM and other resources to perform threat hunting exercises to find hidden mayhem
Who this book is for
This book is a must read to everyone involved with establishing, maintaining, and improving their Cybersecurity program and accompanying cybersecurity posture.
Table of Contents
1. What's at stake
2. Define scope
3.Adhere to a security standard
4. Defining the policies
5. Conducting a gap analysis
6. Interpreting the analysis results
7. Prioritizing remediation
8. Getting to a comfortable level
9. Conducting a penetration test.
10. Passive security monitoring.
11. Active security monitoring.
12. Threat hunting.
13. Continuous battle
14. Time to reflect
About the Author
Pascal Ackerman is a seasoned industrial security professional with a degree in electrical engineering and with 18 years of experience in industrial network design and support, information and network security, risk assessments, pentesting, threat hunting, and forensics.
Category:Windows Administration, Viruses & Malware, Windows Administration